<?php

include("mysql_conn.php");

$username = mysql_real_escape_string($_POST["username"]);
$submitter = mysql_real_escape_string($_POST["submitter"]);
$title = mysql_real_escape_string($_POST["title"]);
$origduedate = mysql_real_escape_string($_POST["origduedate"]);
$currduedate = mysql_real_escape_string($_POST["currduedate"]);
$state = mysql_real_escape_string($_POST["state"]);

$sql="insert into projects (username, submitter, title, origduedate, currduedate, state) values ('$username','$submitter','$title',str_to_date('$origduedate','%m/%d/%Y'),str_to_date('$currduedate','%m/%d/%Y'),'$state')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
// now we have to go through this to get the projectid that was just created

$result=mysql_query("select max(projectid) from projects where username='$_POST[username]' and submitter='$_POST[submitter]' and state='$_POST[state]'");

while($row=mysql_fetch_array($result))
{
 $projectid=$row['max(projectid)'];
}

// so we can throw an informational update into the updates table. 
// Type 1 updates will be ignored by the reports and tasks, but used
// to get last-updated stats for new projects (and perhaps status 
// changes in the future 

$sql2="insert into updates (projectid, updatetype, updatetext) values ('$projectid', 'I', 'Project $projectid created')";

if (!mysql_query($sql2,$con))
  {
  die('Error: ' . mysql_error());
  }

echo "<html><head><meta http-equiv='refresh' content='0;url=myprojects.php'><link rel='stylesheet' type='text/css' href='style.css'></head><body>
Project Created successfully.<p>
<a href='myprojects.php'>My Projects</a>
</body></html>";

mysql_close($con)
?>

